Thanks guys. I solved the problem. I didn't realize the default rotation value was 15 minutes or so, therefore I thought no files were being created. Eventually I was able to see that all my captures were listening on their respective ports. There also seemed to be no output, because I was informed of the incorrect port that the routers were exporting on. All is well.
Quoting Mike Hunter <[EMAIL PROTECTED]>: > After you enter the flow-capture command, you can type > > echo $? > > And get the return code of the process. If it's 0, all's well, if it's > not, then there's a problem (this goes for anything, not just > flow-capture.) > > Also, weren't there some known issues with the redhat's flow-tools > package? If you have continued problems you could try getting the source > directly from the flow-tools site and compiling it by hand. > > Mike > > On Apr 03 at 23:10, "Alex Shepard" wrote: > > > flow-capture daemonizes itself by default. Check your process table > > for the flow-capture process: > > > > xenith:~ alexs$ sudo flow-capture -w flows 0/0/2056 > > xenith:~ alexs$ ps -ax |grep flow > > 19580 ?? Ss 0:00.00 flow-capture -w flows 0/0/2056 > > > > Use the -D flag if you want flow-capture to run in the foreground > > (this is not very well documented, sorry). > > > > That setsocketopt message is a red herring, it's just a report of > > some housekeeping data about the UDP socket it received from the > > operating system. > > > > You could then run the flow-* utilities on the flow files that were > > captured and saved to your working directory (look for files starting > > with ft-v*, dumped every 15 minutes, or on intervals specified with > > the -n flag). > > > > HTH, > > alex > > > > On Apr 3, 2006, at 10:37 PM, Matthew Heineke wrote: > > > > >I checked /var/log/messages > > > > > >Apr 4 00:30:34 cumbia flow-capture[25701]: setsockopt(size=4194304) > > > > > >I changed the port number to something random and not 80, that got rid > > >of a binding error (duh). > > > > > >any ideas on the setsockopt problem? > > > > > >> > > >>On Tue, 2006-04-04 at 00:08 -0500, Matthew Heineke wrote: > > >>>Hi I'm a student doing research with Netflow data exported from > > >>>one of > > >>>Vanderbilt Universities subnets. > > >>> > > >>>I installed flow-tools from yum, on FC4. > > >>> > > >>>I've read the man pages and I'm getting started with capturing data. > > >>>I want to capture data from any of the various routers we have > > >>>configured to export to my server. > > >>> > > >>>I run this simple command : > > >>>bash-3.00# flow-capture -w /home/heinekms/flows 0/0/80 > > >>>bash-3.00# > > >>> > > >>>As you can see it went back to the bash prompt immediately. > > >>>flow-capture will complain if I don't provide a working directory > > >>>or the > > >>>localip/remoteip/port. But it exits with amiable parameters. I'm not > > >>>sure what my problem is. > > >>> > > >>>_______________________________________________ > > >>>Flow-tools mailing list > > >>>[EMAIL PROTECTED] > > >>>http://mailman.splintered.net/mailman/listinfo/flow-tools > > >> > > > > > >_______________________________________________ > > >Flow-tools mailing list > > >[EMAIL PROTECTED] > > >http://mailman.splintered.net/mailman/listinfo/flow-tools > > > > _______________________________________________ > > Flow-tools mailing list > > [EMAIL PROTECTED] > > http://mailman.splintered.net/mailman/listinfo/flow-tools > ----------------------------------------------------------------- Heineke, Matthew Steven Vanderbilt University Email: [EMAIL PROTECTED] _______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
